How Secure is Your Network? CIS
Seven network scanners test your security before the crackers do.
- By Greg Saoutine
Cerberus, as opposed to other port scanners mentioned
in this article, doesn't perform a plain port scan.
Instead, Cerberus checks the target system for vulnerabilities
listed in its database. The database can be updated
in real-time from the vendor's Web site (recently, the
product pages have been co-hosted by security consulting
firm @Stake). Vulnerabilities pertaining to the Web
service, FTP and NetBIOS (among others) are checked
by this tool.
|Cerebus reports vulnerabilities on
a custom HTML page, with links to vendor sites and
software fixes. Other locations show where the problem
was found on the Web server being tested. (Click
image to view larger version.)
It provided an excellent (better than some of the commercial
products) assessment of the Web server (IIS 5.0). It
also found NetBIOS and FTP vulnerabilities, just as
Nessus and ISS did. However, its vulnerability database
in general is quite small compared to the commercial
products and Nessus. @Stake is planning on expanding
this database, and it soon could be well worth your
attention, especially as a free tool.
Greg Saoutine, MCSE, is an IT Consultant working in New York City.